From 32a095a72c3bab3bf4926854d79f5fb5acf9d7b9 Mon Sep 17 00:00:00 2001
From: "Hahn Axel (hahn)" <axel.hahn@iml.unibe.ch>
Date: Thu, 11 Feb 2021 11:08:36 +0100
Subject: [PATCH] cert matching checks key and cert, not csr anymore

---
 cm.sh | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/cm.sh b/cm.sh
index 28b3584..8461cdf 100755
--- a/cm.sh
+++ b/cm.sh
@@ -106,19 +106,19 @@ function _certTransfer(){
 # internal function; show md5 hashsums for certificate, csr and key
 # for visual comparison if the match
 function _certMatching(){
-	local md5_cert=$( openssl x509 -noout -modulus -in ${CM_outfile_cert} | openssl md5 | cut -f 2 -d " " )
-	local md5_csr=$(  openssl req  -noout -modulus -in ${CM_filecsr}      | openssl md5 | cut -f 2 -d " " )
-	local md5_key=$(  openssl rsa  -noout -modulus -in ${CM_outfile_key}  | openssl md5 | cut -f 2 -d " " )
+	local md5_csr=$(  test -f ${CM_filecsr}      & openssl req  -noout -modulus -in ${CM_filecsr}      | openssl md5 | cut -f 2 -d " " )
+	local md5_key=$(  test -f ${CM_outfile_key}  & openssl rsa  -noout -modulus -in ${CM_outfile_key}  | openssl md5 | cut -f 2 -d " " )
+	local md5_cert=$( test -f ${CM_outfile_cert} & openssl x509 -noout -modulus -in ${CM_outfile_cert} | openssl md5 | cut -f 2 -d " " )
 
 	echo
 	echo "--- compare hashes"
-	echo "cert : $md5_cert"
-	echo "csr  : $md5_csr"
+	echo "csr  : $md5_csr (used for creation of cert)"
 	echo "key  : $md5_key"
-	if [ "$md5_key" = "$md5_cert" -a "$md5_key" = "$md5_csr" ]; then
-		echo "OK, they match :-)"
+	echo "cert : $md5_cert"
+	if [ "$md5_key" = "$md5_cert" ]; then
+		echo "OK, key and cert match :-)"
 	else
-		echo "ERROR: they do NOT MATCH!"
+		echo "ERROR: key and cert do NOT MATCH!"
 	fi
 	echo
 }
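Review bot: The `test -f … &` guards on the three new `local md5_*` lines use a single `&`, which puts `test` in the background and starts the openssl pipeline regardless, so the existence check has no effect; `&&` was presumably intended. When the key and cert files are both missing or unreadable, each pipeline hashes empty input and yields the same MD5, so the comparison prints "OK, key and cert match :-)" for a pair that was never verified. I would write `test -f "${CM_outfile_key}" && openssl rsa -noout -modulus -in "${CM_outfile_key}" | …` (quoted, likewise for csr and cert) and require a non-empty value in the check: `if [ -n "$md5_key" ] && [ "$md5_key" = "$md5_cert" ]; then`. Because `local var=$(…)` discards the pipeline's status, an openssl failure on an existing file would still hash empty output, so testing the openssl exit code before hashing is worth adding as well.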
@@ -192,11 +192,11 @@ function _requiresFqdn(){
 function _testStaging(){
 	echo $ACME_Params | grep "\-\-staging" >/dev/null
 	if [ $? -eq 0 ]; then
-		_wd "Using LE STAGE environment ..."
+		_wd "Using Let's Encrypt STAGE environment ..."
 		_wd "You can test and mess around. Do not use certs in production."
 	else
-		_wd "Using LE LIVE environment for production."
-		_wd "Be careful with count of connects to LE servers."
+		_wd "Using Let's Encrypt LIVE environment for production."
+		_wd "Be careful with count of connects to Let's Encrypt servers."
 	fi
 	echo
 }
-- 
GitLab